I’m trying to sign a newly imported key.
`gpg --sign-key
Are you sure that you want to sign this key with your
key “myID@mycompany.com (New Key for My ID) myID@mycompany” (CBC2E40F65C32CFA)
Really sign? (y/N) y
gpg: signing failed: Timeout
gpg: signing failed: Timeout
Key not changed so no update needed.`
I’m not sure why it is timing out. It hasn’t done this before.
Any ideas?
Never mind. I ran the sign command with -v and that seems to have slowed things down enough that it brought up the prompt for the passphrase and the signing completed without issue after that.
I’m running into this error again. Even using -v on the command, it still times out opening the dialog box for the passphrase.
Can anyone suggest a way around this?
Hi @kevin.slack,
sorry to read that this is causing trouble for you.
Usually there is enough time to enter the passphrase. How long does it take to get a pinentry dialog?
Two questions to exclude other possibilities:
What happens sometimes is that the dialog comes up behind some other windows and it overlooked, have you checked that it does not open up in the background?
You could try to give it a second -v ending up with -vv so get more diagnostic input.
Regards,
Bernhard
Hi @Bernhard Reiter.
I actually never get a dialog. It times out before the dialog appears. I have closed every window to see if it was hidden, but there was nothing.
However, I was able to use a workaround using --loopback_mode pinentry and --passphrase. That allowed me to put the passphrase in the command line. Not as secure perhaps, but it worked.
Thanks,
Kevin
It is really strange that you do not get a dialog at all. Windows? Gpg4win Version?
Did you, by change, change the pinentry settings?
Hi, no I guess he usually has unlocked the key beforehand and then signs the key so that the passphrase is cached. That would be my recommendation, too. Just set a long time to live for the cache entries:
default-cache-ttl 72000
max-cache-ttl 72000
In %APPDATA%\gnupg\gpg-agent.conf
(create the file if it does not exist)
And then sign once interactively and it will keep your passphrase cached. For the 72000 seconds. You can chose another value if you like of course. But before you put your passphrase in a batch script it is usually better to just remove the passphrase of the key altogether.
You can do this in Kleopatra, too but I forgot how the options are called there and would have to look it up.
Thanks for the help. I am using v4.2.0, on Windows 2019. I hadn’t changed the pinentry settings, but I’ll put the timeouts in the gpg-agent.conf file and see if that works. I’ll update once I’m able to try again.
Just to be clear I’m not using a batch file, just doing it at the command line. I’m an old unix guy and cmd line is more comfortable. 
Thanks again! I really appreciate the help.
Kevin
I guess he usually has unlocked the key beforehand and then signs the key so that the passphrase is cached.
In my understanding there wouldn’t be a timeout then and this is what was reported. Or could there be?